VSFTPd problem

[Paul F. Johnson]

Hi,

> > I've never had this problem before with vsftpd and am using the default
> > security settings (firewall on, set for ftp, www, ssh and ntp ports to
> > be open and SELinux to be nice).
> 
> "man ftpd_selinux" says:
> 
>    SELinux ftp daemon policy is customizable based on least access
>    required. So by default SElinux does not allow users to login and
>    read their home directories. If you are setting up this machine as
>    a ftpd server and wish to allow users to access their home
>    directorories, you need to set the ftp_home_dir boolean.
> 
>    setsebool -P ftp_home_dir 1
> 
> I guess you've already done this since downloads are working.

Yep. Normally, all I ever have to do is set up a user and they instantly
get read/write ftp access. This one box is proving to be a pain!

> Are you getting any AVC messages in /var/log/audit/audit.log when trying
> to write to this area? Are the home directories on a local filesystem or
> are you using NFS/samba etc.?

I'll need to look at audit.log. All home directories are accessed via
ftp and are held on a bog standard ext3 drive.

> > Second to this, how do I get it to allow passive transfers? proftpd
> > seemed to do this by default (IIRC), but I can't get vsftpd to do it.
> 
> Pass; I'm also a proftpd user and haven't tried vsftpd.

Ah....

> > Any help would be appreciated and if you're in the Salford area of
> > Manchester, beer provided :-)
> 
> Given the Shanks quote common in your sigs, it would appear you're deep
> in enemy territory ;-) I'm in Sale.

Well, hopefully I won't be here for that much longer (10 years of being
just down the road from failureville - Old Trafford to those who don't
know it) is more than enough. Got my teaching qualifications, just a
matter of finding a job nearer to St Helens.

TTFN

Paul
-- 
"Logic, my dear Zoe, is merely the ability to be wrong with authority" -
Dr Who